Using call to transfer Ether opens the function to reentrancy attacks.

The use of call to transfer Ether is potentially vulnerable to reentrancy, especially since the state change (deleting rewardsOwned[msg.sender]) occurs after the transfer. If an attacker can re-enter the contract in the middle of the execution, they can call claimAllRewards multiple times before the state is updated, effectively draining the contract.

The same pattern is present in claimSingleReward().

If an attacker successfully performs a reentrancy attack, they could claim rewards multiple times, draining the contract's funds.
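The following is an added illustration, not the audited contract's code: the claim pattern described above placed beside a version that applies checks-effects-interactions. The contract name, the shape of rewardsOwned (assumed here to be a mapping(address => uint256) of Ether owed) and the nonReentrant modifier are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative contract, not the audited code. Assumes rewardsOwned is a
// mapping(address => uint256) of Ether owed per account (hypothetical shape).
contract RewardsVaultExample {
    mapping(address => uint256) public rewardsOwned;
    bool private locked;

    receive() external payable {}

    function addReward(address account) external payable {
        rewardsOwned[account] += msg.value;
    }

    // BEFORE (the pattern the finding describes): the external call is made
    // before rewardsOwned[msg.sender] is cleared, so a receiving contract that
    // re-enters during the call still sees the original, unclaimed balance.
    function claimAllRewardsVulnerable() external {
        uint256 amount = rewardsOwned[msg.sender];
        require(amount > 0, "nothing to claim");
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
        delete rewardsOwned[msg.sender]; // state change after the interaction
    }

    // AFTER: checks-effects-interactions. The balance is zeroed before the
    // call, so a re-entrant claim reads 0 and fails the require. A simple
    // reentrancy guard is added as defence in depth.
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function claimAllRewards() external nonReentrant {
        uint256 amount = rewardsOwned[msg.sender];
        require(amount > 0, "nothing to claim");
        delete rewardsOwned[msg.sender];                 // effect first
        (bool ok, ) = msg.sender.call{value: amount}(""); // interaction last
        require(ok, "transfer failed");
    }
}
```

The same reordering (clear the entry, then transfer) applies to claimSingleReward().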
Manual review